Merge pull request #3 from ClubCedille/add-rook

add rook app
ClubCedille · Nov 8, 2024 · fef3aed · fef3aed
2 parents 12011a2 + 80b0dc8
commit fef3aed
Show file tree

Hide file tree

Showing 9 changed files with 16,450 additions and 3 deletions.
diff --git a/bases/common/cert-manager/cert-manager-app.yaml b/bases/common/cert-manager/cert-manager-app.yaml
@@ -12,7 +12,7 @@ spec:
     - chart: cert-manager
       helm:
         valueFiles:
-          - $values/bases/cert-manager/helm/cert-manager-values.yaml
+          - $values/bases/common/cert-manager/helm/cert-manager-values.yaml
         parameters:
           - name: installCRDs     # Not recommended for prod installs according to: https://cert-manager.io/docs/installation/helm/
             value: "true"
@@ -23,7 +23,7 @@ spec:
       ref: values
     - repoURL: 'https://github.com/ClubCedille/k8s-base.git'
       targetRevision: master
-      path: bases/cert-manager/issuers
+      path: bases/common/cert-manager/issuers
   syncPolicy:
     automated: {}
     syncOptions:

diff --git a/bases/common/kustomization.yaml b/bases/common/kustomization.yaml
@@ -3,4 +3,5 @@ kind: Kustomization
 
 resources:
   - cert-manager/
-  - contour/
+  - contour/
+  - rook/
diff --git a/bases/common/rook/kustomization.yaml b/bases/common/rook/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - rook-app.yaml
diff --git a/bases/common/rook/ressources/cluster-external.yaml b/bases/common/rook/ressources/cluster-external.yaml
@@ -0,0 +1,33 @@
+#################################################################################################################
+# Define the settings for the rook-ceph-external cluster with common settings for a production cluster.
+
+# For example, if Rook is not managing any existing cluster in the 'rook-ceph' namespace do:
+#   kubectl create -f crds.yaml -f common.yaml -f operator.yaml
+#   kubectl create -f cluster-external.yaml
+
+# If there is already a cluster managed by Rook in 'rook-ceph' then do:
+#   kubectl create -f common-external.yaml
+#   kubectl create -f cluster-external.yaml
+#################################################################################################################
+apiVersion: ceph.rook.io/v1
+kind: CephCluster
+metadata:
+  name: rook-ceph-external
+  namespace: rook-ceph-external  # namespace:cluster
+spec:
+  external:
+    enable: true
+  crashCollector:
+    disable: true
+  healthCheck:
+    daemonHealth:
+      mon:
+        disabled: false
+        interval: 45s
+  # optionally, the ceph-mgr IP address can be passed to gather metric from the prometheus exporter
+  # monitoring:
+  #   enabled: true
+  #   rulesNamespace: rook-ceph
+  #   externalMgrEndpoints:
+      # - ip: ip
+      # externalMgrPrometheusPort: 9283
diff --git a/bases/common/rook/ressources/common-external.yaml b/bases/common/rook/ressources/common-external.yaml
@@ -0,0 +1,83 @@
+###################################################################################################################
+# Create the common resources that are necessary to start an external Ceph cluster in a different namespace
+# These resources can be created after an operator that is already running but assumes common.yaml has been injected
+# The samples all assume that your existing operator running "rook-ceph" namespace will also watch and have permissions
+# to interact with an external cluster configured in "rook-ceph-external" cluster.
+#
+# kubectl create -f crds.yaml -f common.yaml -f operator.yaml -f common-external.yaml
+#
+# If there is no cluster managed by the current Rook Operator
+# you can simply replace all occurrence of rook-ceph-external with rook-ceph
+#
+# And remove the following code:
+#
+#   apiVersion: v1
+#   kind: Namespace
+#   metadata:
+#     name: rook-ceph-external
+#
+# Then kubectl create -f cluster-external.yaml
+###################################################################################################################
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: rook-ceph-external # namespace:cluster
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: rook-ceph-cluster-mgmt
+  namespace: rook-ceph-external # namespace:cluster
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: rook-ceph-cluster-mgmt
+subjects:
+  - kind: ServiceAccount
+    name: rook-ceph-system
+    namespace: rook-ceph # namespace:operator
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: rook-ceph-cmd-reporter
+  namespace: rook-ceph-external # namespace:cluster
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: rook-ceph-cmd-reporter
+subjects:
+  - kind: ServiceAccount
+    name: rook-ceph-cmd-reporter
+    namespace: rook-ceph-external # namespace:cluster
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: rook-ceph-cmd-reporter
+  namespace: rook-ceph-external # namespace:cluster
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: rook-ceph-default
+  namespace: rook-ceph-external # namespace:cluster
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: rook-ceph-cmd-reporter
+  namespace: rook-ceph-external # namespace:cluster
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - pods
+      - configmaps
+    verbs:
+      - get
+      - list
+      - watch
+      - create
+      - update
+      - delete